authMode

authMode
Path

$GLOBALS['TCA'][$table]['columns'][$field]['config']

type

string (keyword)

Scope

Display / Proc.

RenderType

all

Changed in version 12.0

The only valid value for TCA config option authMode is now explicitAllow. The values explicitDeny and individual are obsolete and no longer evaluated.

Authorization mode for the selector box. The only possible option is:

explicitAllow
All static values from the "items" array of the selector box will be added to a matrix in the backend user configuration where a value must be explicitly selected if a user (other than admin) is allowed to use it!)

Migration

Using authMode='explicitDeny'

The "deny list" approach for single field values has been removed, the only allowed option for authMode is explicitAllow. Extensions using config value explicitDeny should be adapted to switch to explicitAllow instead. The upgrade wizard "Migrate backend groups "explicit_allowdeny" field to simplified format." that transfers existing be_groups rows to the new format, drops any DENY fields and instructs admins to not set new access rights of affected backend groups.

Using authMode='individual'

Handling of authMode being set to individual has been fully dropped. The Core provides no alternative. This has been an obscure setting ever since and there is no direct migration. Extensions that rely on this handling need to find a substitution based on Core hooks, Core events or other existing Core API functionality.